#! /bin/bash

fcopy -iM /etc/docker/daemon.json
fcopy -iM /etc/modprobe.d/blacklist-nouveau.conf

#netfilter conntrack
ainsl -a /etc/modprobe.d/netfilter.conf 'options nf_conntrack hashsize=262144'
ainsl -a /etc/modules-load.d/netfilter.conf 'iptable_nat'
cat <<EOM > $target/etc/modules-load.d/kube_proxy-ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
EOM

sed -i 's/^net.ipv4.ip_forward.*$/net.ipv4.ip_forward=1/' $target/etc/sysctl.conf
sed -i 's/^#net.bridge.bridge-nf-call/net.bridge.bridge-nf-call/' $target/etc/sysctl.conf
sed -i 's/^#net.ipv4.vs/net.ipv4.vs/' $target/etc/sysctl.conf
sed -i 's/^#net.nf_conntrack/net.nf_conntrack/' $target/etc/sysctl.conf
sed -i 's/^#net.netfilter.nf_conntrack/net.netfilter.nf_conntrack/' $target/etc/sysctl.conf

ifclass -o PXECENTOS PXECENTOS8 && $ROOTCMD ln -sf /usr/lib/systemd/system/docker.service /etc/systemd/system/multi-user.target.wants/docker.service

exit $error
